Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on DevOps, CI/CD, Automation and related technologies.

The Autumn Budget and what it means for IT Teams in the NHS

With all the hustle and bustle of hospitals, hard-working staff, and extensive cutting-edge equipment, we often forget about the invisible infrastructure that underpins our healthcare institutions. They all rely on the backbone of databases, and quick access to the data housed within them, to ensure systems at the front-end run seamlessly.

December/2021 - CVE-2021-44228: Log4Shell Remote Code Execution Mitigation

This post will be updated over the next several days. Recently, a Remote Code Execution vulnerability was discovered in the Apache Log4J library. This vulnerability, which is tracked in CVE-2021-44228, dubbed Log4Shell, allows attackers to execute arbitrary code on affected systems. While HAProxy Enterprise, HAProxy ALOHA, and other products within the HAProxy Technologies portfolio are not impacted by this (they do not use the Log4J library at all), you can use them to block the attack.

Getting started with Process Killer attacks

Modern applications come in a variety of forms–monoliths, microservices, serverless functions, and containers to name a few–but at the heart of all of these are processes. Processes are the fundamental unit of execution that we use to run programs, and although we need processes to run our applications, software engineers rarely think about them.

Log4j Log4Shell 0-Day Vulnerability: All You Need To Know

Last Thursday, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java (specifically, the 2.x branch called Log4j2). The vulnerability was originally discovered and reported to Apache by the Alibaba cloud security team on November 24th. MITRE assigned CVE-2021-44228 to this vulnerability, which has since been dubbed Log4Shell by security researchers.

Glide to JFrog DevSecOps with the New Experience

We’re excited to share with you that we have launched a completely new way to start using the JFrog DevOps Platform that you – as a developer – will love. We’ve provided a super-easy, developer-friendly path to discovering how Artifactory and Xray can help you produce safer apps, faster, getting started through the command line shell and IDE that you use every day.

You are a sinner (of data management)!

Let’s get to the point about data management: Businesses need data, but accumulating too much can be detrimental. Data overcrowding can corrupt IT professionals, turning them into greedy hoarders. Being indigestible with excessive repeated, outdated or banal information, the so-called ROT data, is bad. Companies of the world! The Devil tempts you with Big Data! Something that, if too much, could be harmful! We tell you all about it in this article.

Shhh... we have Private Incidents

We’re excited to announce that private incidents are now available on FireHydrant. For the first time, incidents can have visibility limited to only permissioned users are able to see. This is a great solution for security and compliance teams who need to collaborate with their engineering counterparts to resolve incidents. The nature of these incidents that these teams work on dramatically differs from operational incidents.

Cloudsmith By the Numbers 2021

Another amazing year in the books! And even though we’ve done the ‘By the Numbers’ series for a few years now, this year’s numbers are the best (and biggest) yet. But even better than that? The people behind the numbers. Carrying on the growth we saw in 2020, the most important number to highlight this year is the massive increase in awesome Cloudsmithers we added to the team!

Internet of Things and Ubuntu: 2021 highlights

With rising unit shipments and hardware spending, 2021 will go into the record books as a critical year in the ever-increasing adoption of connected devices. Ubuntu – the modern, open-source Linux operating system for the enterprise server, desktop, and cloud – is rapidly becoming the de-facto standard for Internet of Things ( IoT) devices.